Re: The somewhat illegal fix for NTP attacks

2014-02-24 Thread Alain Hebert
Well. Since when are SNMP, NTP or DNS vulnerable? They both follow the appropriate RFCs, contrary to all those AS + /24 that keep allowing spoofing source IP address. The victims of attacks could get the Tiers to follow back the source of the attack instead, but the corporati

Re: The somewhat illegal fix for NTP attacks

2014-02-22 Thread Jimmy Hess
On Sat, Feb 22, 2014 at 6:41 AM, Rich Kulawiec wrote: Perhaps you would rather publish a blacklist of "/24s containing NTP servers open to MONLIST" over UDP port 123 similar to the bogon feeds. And encourage all networks to blackhole the list. That way potential NTP reflection abuse traffi

Re: The somewhat illegal fix for NTP attacks

2014-02-22 Thread Jared Mauch
On Feb 21, 2014, at 5:08 PM, Baldur Norddahl wrote:
> Hi
>
> The following would probably be illegal so do not actually do this. But
> what if... there are just 4 billion IPv4 addresses. Scanning that
> address-space for open NTP is trivially done in a few hours. Abusing these
> servers for ref

Re: The somewhat illegal fix for NTP attacks

2014-02-22 Thread Rich Kulawiec
It's never appropriate to respond to abuse with abuse. Not only is it questionable/unprofessional behavior, but -- as we've seen -- there is a high risk that it'll exacerbate the problem, often by targeting innocent third parties. I understand the frustration but this is not the way.

---rsk

Re: The somewhat illegal fix for NTP attacks

2014-02-21 Thread Landon
On 21 February 2014 14:08, Baldur Norddahl wrote:
> Hi
>
> The following would probably be illegal so do not actually do this. But
> what if... there are just 4 billion IPv4 addresses. Scanning that
> address-space for open NTP is trivially done in a few hours. Abusing these
> servers for reflecti